rpm package
opensuse/wireshark&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed
Vulnerabilities (540)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-3555 | — | < 2.2.2-1.1 | 2.2.2-1.1 | May 25, 2013 | epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-2488 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers wri | ||
| CVE-2013-2487 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, rela | ||
| CVE-2013-2486 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) | ||
| CVE-2013-2485 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | ||
| CVE-2013-2484 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-2483 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D | ||
| CVE-2013-2482 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | ||
| CVE-2013-2481 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (appl | ||
| CVE-2013-2480 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-2479 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data. | ||
| CVE-2013-2478 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malfor | ||
| CVE-2013-2477 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-2476 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short. | ||
| CVE-2013-2475 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 7, 2013 | The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-1590 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-1589 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-1588 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet | ||
| CVE-2013-1587 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-1586 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via |
- CVE-2013-3555May 25, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-2488Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers wri
- CVE-2013-2487Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, rela
- CVE-2013-2486Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop)
- CVE-2013-2485Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
- CVE-2013-2484Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-2483Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D
- CVE-2013-2482Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
- CVE-2013-2481Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (appl
- CVE-2013-2480Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-2479Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.
- CVE-2013-2478Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malfor
- CVE-2013-2477Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-2476Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.
- CVE-2013-2475Mar 7, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-1590Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-1589Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-1588Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet
- CVE-2013-1587Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-1586Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via
Page 23 of 27